package com.wn.filter;

import com.wn.bean.User;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * @author yellow Docter
 * @date 2022 -07-05
 * @desc
 */

@WebFilter(value = {"/admin/*"})
public class AdminFilter  extends HttpFilter {

    //拦截方法
    @Override
    protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {

        res.setContentType("text/html;charset=utf-8");

        // 01 从 req 中拿到  session 从session中拿到 登录的用户的等级
        HttpSession session = req.getSession();

        User user = (User) session.getAttribute("user");

        if (user == null){ //没有登录
            res.getWriter().write("亲,先登录");
        }else{
            //判断等级
            if (user.getGrade() == 2){ //管理员 放行
                chain.doFilter(req,res);
            }else{
                res.getWriter().write("亲,你的权限不够....");
            }
        }
    }
}
